Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6761

4 documents4 sources
Severity
6.5MEDIUM
EPSS
56.4%
top 1.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netmail
Timeline
PublishedDec 27
Latest updateMay 1

Description

Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDnovell/netmail3.5.2

Patches

Patch: labs.idefense.comPatch: secunia.comPatch: securitytracker.com

🔴Vulnerability Details

2
GHSA
GHSA-7865-295x-8f3p: Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 32022-05-01
CVEList
CVE-2006-6761: Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 32006-12-27

💥Exploits & PoCs

1
Exploit-DB
Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow (Metasploit)2010-05-09
CVE-2006-6761 (MEDIUM CVSS 6.5) | Stack-based buffer overflow in the | cvebase.io